svn commit: r360977 - releng/12.1/sys/opencrypto
Gordon Tetlow
gordon at FreeBSD.org
Tue May 12 16:59:10 UTC 2020
Author: gordon
Date: Tue May 12 16:59:09 2020
New Revision: 360977
URL: https://svnweb.freebsd.org/changeset/base/360977
Log:
Fix insufficient cryptodev MAC key length check.
Approved by: so
Security: FreeBSD-SA-20:16.cryptodev
Security: CVE-2019-15880
Modified:
releng/12.1/sys/opencrypto/cryptodev.c
Modified: releng/12.1/sys/opencrypto/cryptodev.c
==============================================================================
--- releng/12.1/sys/opencrypto/cryptodev.c Tue May 12 16:57:47 2020 (r360976)
+++ releng/12.1/sys/opencrypto/cryptodev.c Tue May 12 16:59:09 2020 (r360977)
@@ -602,8 +602,8 @@ cryptof_ioctl(
if (thash) {
cria.cri_alg = thash->type;
cria.cri_klen = sop->mackeylen * 8;
- if (thash->keysize != 0 &&
- sop->mackeylen > thash->keysize) {
+ if (sop->mackeylen > thash->keysize ||
+ sop->mackeylen < 0) {
CRYPTDEB("invalid mac key length");
error = EINVAL;
SDT_PROBE1(opencrypto, dev, ioctl, error,
More information about the svn-src-all
mailing list